Needle in a Haystack – Getting to Attribution in Control Systems
The nation’s control systems support critical infrastructure like water treatment plants and the bulk electricity system. When they are compromised, the stakes can be extremely high, potentially even including loss of life. In this webcast, SCADA security expert Matthew Luallen describes the risks to control systems and discusses with leading security vendors how we can protect them.
RecordedFeb 22 201275 mins
Your place is confirmed, we'll send you email reminders
Attendees will learn:
•How they can detect key indicators of a threat earlier in the threat kill chain to avoid or limit the financial damage as well as the damage to their reputation.
•The importance of end point security across your business critical systems, including your POS systems.
•How implementing critical security controls can make you an unattractive target.
•Discuss how to translate security information into specific and scalable action
•Describe the remediation plan for the controls, starting with the Top 5
•Discuss how the Council on CyberSecurity uses a community approach to this translation problem to create and sustain the Critical Security Controls.
•Discuss how the community will help advise and support your risk management efforts with a formalized framework
The Heartbleed vulnerability in detail, how it occurred with examples of how it can be used against your organization
How you can identify your business exposure and what systems are vulnerable
How Tripwire’s solutions work together to help you close the detection, remediation and prevention gaps around Heartbleed
• Discuss how human resources, legal and IT can work together to help prevent insider threats before they become a problem.
• Identify risk indicators with employee attitudes and behavior and how it correlates to their patterns of activity on your network.
• Show how you can use log intelligence and security analytics to automate actions and alerts and rapid reporting and forensics.
In this webcast we will show:
1. The Heartbleed vulnerability in detail, how it occurred with examples of how it can be used against your organization
2. How you can identify your business exposure and what systems are vulnerable
3. How Tripwire’s solutions work together to help you close the detection, remediation and prevention gaps around Heartbleed
Tim Masey, Director of Enterprise Information Security at AAA, will share his company’s PCI journey.
In this Q&A-style webcast you will learn:
•How to move your PCI efforts from a small tactical implementation to a key critical component of your security posture.
•How to align your compliance efforts with the needs of the business, which will allow you to gain more resources—financial, human and technical.
•How to utilize security and policy driven dashboards to get your management’s support.
Jason Clark, CISSP, Tripwire Technical Manager (Middle East), will be sharing how to achieve trust after a data breach in this UK focused webcast, which will cover crucial questions such as:
•Which systems can be trusted?
•What is the extent of the compromise?
•How quickly can you attain situational awareness?
Jason will also provide participants with a practical, five-step approach to restore trust in your critical systems after a data breach. Register today to join us for this informative webcast.
Tripwire’s Senior Pre-Sales Consultant, Michael Rohse (DACH), will be sharing how to achieve trust after a data breach in this UK focused webcast, which will cover crucial questions such as:
•Which systems can be trusted?
•What is the extent of the compromise?
•How quickly can you attain situational awareness?
Michael will also provide participants with a practical, five-step approach to restore trust in your critical systems after a data breach. Register today to join us for this informative webcast.
In this webcast, Joel Barnes, UK Senior Systems Engineer, will share how best to achieve trust after a data breach. He’ll cover crucial questions, such as: Which systems can be trusted? What is the extent of the compromise? How quickly can you attain situational awareness? He will also provide participants with an approach to restore trust in your critical systems after a data breach, following five steps:
1.Know what you have and prioritize by risk levels
2.Define what “good” looks like
3.Harvest system state information from your production systems
4.Perform a reference node variance analysis to identify compromised systems
5.Remove suspect systems from the environment and return to a trustworthy state
Join us for this informative webcast!
In this webcast, Dwayne Melancon, Tripwire’s Chief Technology Officer, will share how best to achieve trust after a data breach. He’ll cover crucial questions, such as: Which systems can be trusted? What is the extent of the compromise? How quickly can you attain situational awareness? He will also provide participants with an approach to restore trust in your critical systems after a data breach, following five steps:
1.Know what you have and prioritize by risk levels
2.Define what “good” looks like
3.Harvest system state information from your production systems
4.Perform a reference node variance analysis to identify compromised systems
5.Remove suspect systems from the environment and return to a trustworthy state
Join us for this informative webcast!
As a former QSA and currently a security analyst at The 451 Research, Adrian Sanabria will share a frank viewpoint of how the new version of Payment Card Industry standard will affect your organization.
Join us for this webcast and you will:
•Obtain the point of view from the QSA
•Learn how PCI DSS 3.0 may affect your Report on Compliance
•Understand the job of a QSA and the qualities of a good QSA
•Learn how Tripwire solutions can make the job of the QSA and the PCI audit process easier
Charles Kolodgy, Research Vice President for IDC's Security Products service, and Edward Smith, Product Marketing Manager at Tripwire, will discuss:
•Integrating Vulnerability Management with other security controls to improve compliance and security posture
•Leveraging Vulnerability Management beyond the server room to reduce risk across the entire enterprise
•Combining business intelligence from Vulnerability Management with other security controls to make better business decisions
Join Jeff Hall, CISSP, CISM, CGEIT, PCI-QSA, PCIP and Senior Security Consultant at FishNet Security and Steve Hall, Director of PCI Solutions at Tripwire, to learn how PCI DSS 3.0 will impact your organization and what you need to do:
• Understanding key themes for PCI DSS 3.0
• Making sense of the new requirements, guidance, and clarifications
• What’s changed, what hasn’t, and what will affect merchants and services providers the most
• Key considerations to ensure you don’t shortchange your audit preparations
Gavin Millard, Tripwire's EMEA Technical Director, will discuss why effective vulnerability management is critical to measuring, managing and reducing your attack surface and how to gain insight from the information Tripwire can provide.
Topics covered will include
• Why asset discovery is fundamental to understanding the size and scope of your extended infrastructure
• How to gain full visibility into where the most vulnerable areas of the infrastructure reside through Tripwire’s market leading scoring approach
• How to prioritise the hosts within the infrastructure to quickly reduce the risk and gain control of your attack surface
• What reporting works with management to connect the value of vulnerability management to the business goals of the organisation
Often during budget cycles, we’re handed a number – no choice or negotiation – this is just all you get. This year however, there are some positive trends in security budget research from Gartner, IDC, Ponemon, and CEB.
This webcast will show you how to maximize your leverage of increased security spending, list the top three security budget mistakes and offer ideas that may help connect security to your organization’s bottom line.
Tune in to hear:
• Positive security budget trends and how to use them to increase your 2014 budget
• Technology trends and their impact on your security budget
• Budget presentation ideas for the C-Suite
Lamar Bailey, Tripwire's Director of the Vulnerability & Exposure Research team will provide you with a better understanding of:
- Why is the Tripwire Vulnerability scoring so granular?
- How do we arrive at those scores and why not just use CVSS?
- What do you mean by business context of measuring risk?
- How will it help us be more efficient managing risk?
Please accept our apologies for the technical difficulties encountered with this webinar on Monday. This is now due to take place on Friday 4th October.
This hour-long webinar, hosted by Gavin Millard, Tripwire's EMEA Technical Director, will discuss:
• Using the SANS critical controls to understand and reduce your infrastructures attack surface
• Profiles of the current ‘threat actors’ and how the 20 CSC can help thwart the most common threats
• How to measure the effectiveness of controls through metrics to ensure success and investment from the business
Join Rick Holland, Forrester Senior Analyst, and Edward Smith, Product Marketing Manager at Tripwire, to learn how to go beyond scanning to a strategic vulnerability management program.
In this webcast you’ll learn how a strategic VM program can help you:
• Go from counting vulnerabilities to accurately measuring, managing, and communicating risk.
• Understand and classify the assets and vulnerabilities in your environment
• Triage remediation efforts for more efficient operations
Join us for this conversational webinar featuring Jane Holl Lute, the new CEO of the Council on Cybersecurity, as she shares her thoughts on the rapidly evolving world of cybersecurity.
In this webinar, you will learn:
* How the Council on CyberSecurity will be influencing cybersecurity, the SANS 20 CSC, and how it may affect your organization
*Suggestions from Jane's experience on threat actors
*Value your organization may gain from upcoming activities and events involving Council on CyberSecurity
As Security Management solutions evolve to address today’s environment of complex security threats, the need for a log intelligence layer has emerged to provide high speed analysis and filtering of log and event data.
In this webcast, Steve Hall, Director, Product & Solution Marketing at Tripwire, discusses what’s new with Tripwire Log Center: including the new Advanced Log Collector VIA Agent and the integration of iP360, which intelligently protects critical infrastructure with the correlation of SANS top four security controls.
Needle in a Haystack – Getting to Attribution in Control SystemsMatthew Luallen and Tripwire[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]74 mins